<html>
  <head>
    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <meta http-equiv="Content-Language" content="en" />
    <title>s6-linux-init: the s6-linux-init-maker program</title>
    <meta name="Description" content="s6-linux-init: the s6-linux-init-maker program" />
    <meta name="Keywords" content="s6 linux administration root init maker" />
    <!-- <link rel="stylesheet" type="text/css" href="//skarnet.org/default.css" /> -->
  </head>
<body>

<p>
<a href="index.html">s6-linux-init</a><br />
<a href="//skarnet.org/software/">Software</a><br />
<a href="//skarnet.org/">skarnet.org</a>
</p>

<h1> The <tt>s6-linux-init-maker</tt> program </h1>

<p>
<tt>s6-linux-init-maker</tt> reads configuration options on
the command line, and outputs a directory to place in the
root filesystem. That directory contains
a script that is suitable as an <tt>/sbin/init</tt> program
as well as all the necessary files that this script needs
to properly boot and bring up a full
<a href="//skarnet.org/software/s6/">s6</a>
infrastructure.
</p>

<p>
 s6-linux-init-maker only writes scripts. At boot time, these
scripts will call commands provided by other skarnet.org packages
such as
<a href="//skarnet.org/software/execline/">execline</a> and
<a href="//skarnet.org/software/s6/">s6</a>. It is the
responsibility of the administrator to make sure that all the
dependencies are properly installed at boot time, and that the
correct options have been given to <tt>s6-linux-init-maker</tt>
so that the programs are found <em>on the root filesystem of the
machine</em>. If it is not the case, the system will fail to boot.
</p>

<h2> Interface and usage </h2>

<pre>
     s6-linux-init-maker \
       [ -c <em>basedir</em> ] \
       [ -u <em>log_user</em> ] \
       [ -G <em>early_getty</em> ] \
       [ -1 ] \
       [ -L ] \
       [ -p <em>initial_path</em> ] \
       [ -m <em>initial_umask</em> ] \
       [ -t <em>timestamp_style</em> ] \
       [ -d <em>slashdev</em> ] \
       [ -s <em>env_store</em> ] \
       [ -e <em>initial_envvar</em> ] ... \
       [ -q <em>finalsleeptime</em> ] \
       [ -D <em>initdefault</em> ] \
       [ -n | -N ]
       [ -U <em>utmp_user</em> ] \
       <em>dir</em>
</pre>

<ul>
 <li> s6-linux-init-maker must be run as root, on the machine
that will boot an s6-based system. </li>
 <li> s6-linux-init-maker parses options on its command line. </li>
 <li> It writes data into a directory <em>dir</em>, which must not
exist beforehand. </li>
 <li> It exits 0 if everything went well, 100 if a user error occurred,
and 111 if a problem occurred during the creation of the directory
or its contents. </li>
</ul>

<p>
 Once the command has been run and <em>dir</em> has been created, there
are a few manual steps to take:
</p>

<ol>
 <li> <tt>s6-linux-init-maker</tt> has copied some scripts from the
<tt>/etc/s6-linux-init/skel</tt> directory (or the directory you
gave as an argument to the <tt>--skeldir</tt> configure option at
build time) to the <em>dir</em><tt>/scripts</tt> directory. You
should <strong>edit these scripts</strong> and adapt them to your use case.
(Or you could edit the skeleton scripts before running
<tt>s6-linux-init-maker</tt>.) The scripts are:
  <ul>
   <li> <tt>rc.init</tt>: this script will be run as <em>stage 2
initialization</em>, i.e. the initialization that happens once
<a href="//skarnet.org/software/s6/s6-svscan.html">s6-svscan</a>
is running as process 1, and should contain all your normal
system bootup tasks. Typically, it should initialize the service
manager and then order it to bring the machine state to its
fully operational state. <em>rc.init</em> is given the default
<em>runlevel</em> as a first argument (i.e. the name of the state
the machine should be brought to, traditionally <tt>default</tt>
for OpenRC and <tt>2</tt> or <tt>5</tt> for sysv-rc), and the
rest of the command line is made of the kernel's command line
except for the kernel arguments of the <em>key=value</em> form,
which have been stored into <em>env_store</em>. </li>
 <li> <tt>rc.shutdown</tt>: this script will be run as the
<em>shutdown sequence</em>, when the administrator runs the
<tt>shutdown</tt>, <tt>halt</tt>, <tt>poweroff</tt> or <tt>reboot</tt>
command. (As well as <tt>init 0</tt>, <tt>init 6</tt>,
<tt>telinit 0</tt> and <tt>telinit 6</tt> for compatibility
reasons.) It should ask the service manager to bring all the
services down, and exit when it's done (in other words: it should
not try to perform a hard halt/poweroff/reboot itself.)
No arguments are given to this script. </li>
 <li> <tt>runlevel</tt>: this script will be invoked for every
<em>runlevel change</em>, i.e. change of machine states. It is
given one argument: the name of the runlevel to change to.
Typically, the <em>runlevel</em> script should just invoke the
service manager, asking it to bring the machine state to the
wanted runlevel. </li>
  </ul> </li>
 <li> Copy the <em>dir</em> directory to the place declared as
<em>basedir</em> (<tt>/etc/s6-linux-init/current</tt> by default).
 Be careful: it contains fifos, files with
precise uid/gid permissions, and files with non-standard access rights,
so be sure to copy it verbatim. The
<a href="//skarnet.org/software/s6-portable-utils/s6-hiercopy.html">s6-hiercopy</a>
tool can do it, as well as the GNU or busybox <tt>cp -a</tt> or <tt>mv</tt> commands. </li>
 <li> Back up your <tt>/sbin</tt>. Then copy, link or symlink all the scripts
and symlinks in the <em>basedir</em><tt>/bin</tt> directory into <tt>/sbin</tt>.
 In particular, the <tt><em>basedir</em>/bin/init</tt> script should
be accessible as <tt>/sbin/init</tt>. </li>
</ol>

<h2> Boot sequence </h2>

<p>
 When the kernel boots, it may run an initramfs first, but in any
case it then runs the <tt>/sbin/init</tt> script,
also known as <em>stage 1</em>. This script is just an execution
of the <a href="s6-linux-init.html">s6-linux-init</a> program with
some command-line options that are directly transferred from the
<tt>s6-linux-init-maker</tt> invocation. Refer to the
<a href="s6-linux-init.html">s6-linux-init</a> man page to know
exactly what it does.
</p>

<h2> s6-linux-init-maker options </h2>

<ul>
 <li> <tt>-c</tt>&nbsp;<em>basedir</em>&nbsp;: at boot time, <em>stage 1</em>,
which should be accessible as <tt><em>basedir</em>/init</tt>,
will read its read-only data from <em>basedir</em>. After running
<tt>s6-linux-init-maker</tt>, you should make sure to copy the
created directory <em>dir</em> to <em>basedir</em>. <em>basedir</em>
must be absolute. Default is
<strong><tt>/etc/s6-linux-init/current</tt></strong>. </li> <p />

 <li> <tt>-u</tt>&nbsp;<em>log_user</em>&nbsp;: the catch-all
logger will run as the <em>log_user</em> user. Default is <tt>root</tt>. </li> <p />

 <li> <tt>-G</tt>&nbsp;<em>early_getty</em>&nbsp;: if this option
is set, <tt>s6-linux-init-maker</tt> will define an additional s6 service
that will be named <tt>s6-linux-init-early-getty</tt> and started
at the same time <em>rc.init</em> is executed. This early service
should be a getty, or equivalent, to allow logins even if <em>stage2</em> fails.
<em>early_getty</em> should be a simple command line: for instance,
<tt>"/sbin/getty 38400 tty1"</tt>. By default, no early service
is defined. </li> <p />

 <li> <tt>-1</tt>&nbsp;: make it so that all the messages that are
sent to the catch-all logger (i.e. all the error messages that are not
caught by a dedicated logger, as well as the output from <em>rc.init</em>,
<em>runlevel</em> and <em>rc.shutdown</em>)
are also copied to <tt>/dev/console</tt>. (Timestamps are not
copied to <tt>/dev/console</tt>.) This is generally useful to
debug a system at a glance, but if a failing program keeps sending
error messages, it may interfere with comfortable usage of an early
getty. A common workaround is to make the early getty start on
<tt>tty2</tt> and leave tty1 for <tt>/dev/console</tt> to print on. </li> <p />

 <li> <tt>-L</tt>&nbsp;: add an early <tt>s6-linux-init-logouthookd</tt>
service to clean up utmp records at user logout time. Check the
<a href="s6-linux-init-logouthookd">s6-linux-init-logouthookd</a> page
for details. </li> <p />

 <li> <tt>-p</tt>&nbsp;<em>initial_path</em>&nbsp;: the initial value
for the PATH environment variable, that will be transmitted to all the
starting process unless it's overridden by a PATH declaration via the
<tt>-e</tt> option.
It is absolutely necessary for
<a href="//skarnet.org/software/execline/">execline</a> and
<a href="//skarnet.org/software/s6/">s6</a>
binaries to be accessible via <em>initial_path</em>, else the machine
will not boot. Default is
<strong><tt>/usr/bin:/bin</tt></strong>. </li> <p />

 <li> <tt>-m</tt>&nbsp;<em>initial_umask</em>&nbsp;: the value of
the initial file umask for all the starting processes, in octal.
Default is <strong><tt>022</tt></strong>. </li> <p />

 <li> <tt>-t</tt>&nbsp;<em>timestamp_style</em>&nbsp;: how
logs are timestamped by the catch-all logger. 0 means no
timestamp, 1 means
<a href="http://cr.yp.to/libtai/tai64.html">external TAI64N format</a>,
2 means
<a href="http://www.iso.org/iso/home/standards/iso8601.htm">ISO 8601 format</a>,
and 3 means both. Default is
<strong><tt>1</tt></strong>. </li> <p />

 <li> <tt>-d</tt>&nbsp;<em>slashdev</em>&nbsp;: mount a devtmpfs.
If this option is given, <a href="s6-linux-init.html">s6-linux-init</a>
will mount a devtmpfs pseudo-filesystem on <em>slashdev</em>. This
is useful if the kernel has not been configured to mount
the devtmpfs at boot time and there is no static <tt>/dev</tt>.
By default, it is assumed that there is a suitable <tt>/dev</tt>
at boot time, and no additional devtmpfs is mounted. </li> <p />

 <li> <tt>-s</tt>&nbsp;<em>env_store</em>&nbsp;: stage 1 init sometimes
inherits a few environment variables from the kernel. (These variables
correspond to the arguments on the kernel command line that are of the
form <em>key=value</em>.) It empties its
environment before spawning <em>rc.init</em> and executing into s6-svscan, in
order to prevent those "kernel" environment variables from leaking
into the whole process tree. However, sometimes those variables are
needed at a later time; in that case, giving the <tt>-s</tt> option
to <tt>s6-linux-init-maker</tt> makes stage 1 init dump the "kernel" environment
variables into the <em>env_store</em> directory (under a format that is
later readable with
<a href="//skarnet.org/software/s6/s6-envdir.html">s6-envdir -fn</a>)
before erasing them. <em>env_store</em> should obviously be
a writable directory, so it should be located under <tt>/run</tt>
(or your chosen tmpfsdir)!
If this option is not given, the environment inherited from the kernel
isn't saved anywhere - which is the default. </li> <p />

 <li> <tt>-e</tt>&nbsp;<em>initial_envvar</em>&nbsp;: this option
can be repeated. For every <em>initial_envvar</em>, <tt>s6-linux-init-maker</tt>
will adjust the global environment directory in <em>dir</em>/env.
<em>initial_envvar</em> must either be of the form <em>VAR</em>,
to make sure that <em>VAR</em> does not appear in the global
environment, or of the form <em>VAR=VALUE</em>, to add an
environment variable <em>VAR</em> with the value <em>VALUE</em>.
The global environment is the environment that every supervised
process (as well as the <em>rc.init</em> script) will run with,
so it will be inherited by default by every process running on
the system.
The TZ variable, for instance, is a good candidate to be set in
the global environment. </li> <p />

 <li> <tt>-q</tt>&nbsp;<em>finalsleeptime</em>&nbsp;: when the machine
shuts down, all processes that have not already been killed during
<tt>shutdownscript</tt> will receive a SIGTERM or a SIGHUP to allow
them to exit gracefully; then, after <em>finalsleeptime</em>
milliseconds, they will receive a SIGKILL and the shutdown sequence
will go on. This option configures the amount of time that will
elapse between the SIGTERM/SIGHUP and the SIGKILL.
Default is <strong>2000</strong>, meaning a grace period of 2 seconds. </li> <p />

 <li> <tt>-D</tt>&nbsp;<em>initdefault</em>&nbsp;: boot the system with
a runlevel set to <em>initdefault</em>, which can be an arbitrary
string, but is usually <tt>2</tt>, <tt>3</tt>, <tt>5</tt> (traditional
sysvinit behaviour) or <tt>default</tt> (OpenRC behaviour). Default is
<tt>default</tt>. Note that if a <tt>2</tt>, <tt>3</tt>, <tt>4</tt>,
<tt>5</tt>, or <tt>default</tt> argument is encountered in the kernel
command line, it will be interpreted as the runlevel to boot the system
on, and will override the default given here. </li> <p />

 <li> <tt>-n</tt>&nbsp;: at boot time, assume that a tmpfs is already
present on <tt>/run</tt> (or the argument that was given to the
<tt>--tmpfsdir</tt> configure option at build time) and that its
contents are essential. Instead of unmounting <tt>/run</tt> then
mounting a tmpfs on it, <a href="s6-linux-init.html">s6-linux-init</a>
will simply remount <tt>/run</tt>. This option is useful when
s6-linux-init is used on a distribution that imposes its initramfs
and said initramfs writes data to <tt>/run</tt> that is then used
by the distribution's initialization scripts. (An initramfs should
normally be transparent and leave no trace in the filesystem;
unfortunately, a lot of distributions do not care.) By default,
<tt>/run</tt> will be unmounted at boot time (just in case), and
then a tmpfs will be mounted on it. <strong>Do not</strong> use
this option if you are not sure: failure to remount <tt>/run</tt>
will cause init to die and the kernel to panic. This option is
incompatible with the <tt>-N</tt> option. </li> <p />

 <li> <tt>-N</tt>&nbsp;: at boot time, do not perform
mounting/unmounting/remounting on <tt>/run</tt> (or the <em>tmpfsdir</em>
declared at build time) <strong>at all</strong>. By default,
a tmpfs is mounted on <tt>/run</tt> at boot time. This option is
useful when s6-linux-init is used to boot on an initramfs that
will remain the de facto rootfs of the system (which is the case
for instance in certain live CDs or certain embedded devices), in
which case the rootfs is already read-write and in RAM and mounting
an additional tmpfs is unnecessary. <strong>Do not</strong> use this
option if your rootfs is read-only: failure to write to <tt>/run</tt>
will cause init to die and the kernel to panic. This option is
incompatible with the <tt>-n</tt> option. </li> <p />

 <li> <tt>-U</tt>&nbsp;<em>utmp_user</em>&nbsp;: this option is only
available when the s6-linux-init package has been built with the
<tt>--enable-utmps</tt> configure option, that enables support for the
<a href="//skarnet.org/software/utmps/">utmps</a> package. The option
defines the user that the <tt>utmpd</tt> and <tt>wtmpd</tt> services
will run as. Default is <tt>utmp</tt>. </li> <p />
</ul>

<h2> Organization of the created directory </h2>

<p>
 If <tt>s6-linux-init-maker</tt> returns successfully, <em>dir</em>
contains data that will be used at boot time. (Actually,
<em>basedir</em> will be used at boot time, not <em>dir</em>. Do not
forget to copy <em>dir</em> to <em>basedir</em> once you have checked
you are happy with what <tt>s6-linux-init-maker</tt> has created.)
</p>

<p>
 This boot-time data is made of several subdirectories:
</p>

<ul>
 <li> <tt>bin</tt>: this subdirectory contains scripts and symlinks
that should be copied to <tt>/sbin</tt> or <tt>/bin</tt>. There is
an <tt>init</tt> program performing stage 1 init, a <tt>telinit</tt>
program to change runlevels, and utilities to order a machine shutdown. </li>
 <li> <tt>env</tt>: this subdirectory is the envdir that is
used to store the global environment. It will be read at boot time
by stage 1 init, and transmitted to all spawned processes. </li>
 <li> <tt>scripts</tt>: this subdirectory contains a copy of the
skeleton scripts that have been installed in <tt>/etc/s6-linux-init/skel</tt>
(or the argument to the <tt>--skeldir</tt> configure option at
build time). These scripts should be edited before booting. They are
described above. </li>
 <li> <tt>run-image</tt>: this is a file hierarchy that will be
copied verbatim at boot time to the newly made and mounted
<tt>/run</tt> tmpfs (or whatever your <em>tmpfsdir</em> is). The
subdirectories it contains are the following:
  <ul>
   <li> <tt>uncaught-logs</tt>: this is the directory where the
catch-all logger will store and rotate the error messages produced
by the s6 supervision tree and the services that do not redirect
their own logs. </li>
   <li> <tt>service</tt>: <tt>/run/service</tt> will be the scandir.
It initially contains a <tt>.s6-svscan</tt> subdirectory that
tells <a href="//skarnet.org/software/s6/s6-svscan.html">s6-svscan</a>
what to do if it receives a signal (typically via the ctrlaltdel
combination) and ensures a hard reboot if <tt>s6-svscan</tt> ever fails. It
also contains a list of early services, i.e. s6 services that will
be run at boot time as soon as <tt>s6-svscan</tt> is executed. These
services are:
    <ul>
     <li> <tt>s6-svscan-log</tt>: the catch-all logger. </li>
     <li> <tt>s6-linux-init-shutdownd</tt>: a service that listens
to shutdown commands such as <tt>reboot</tt> and triggers the software
shutdown procedure. </li>
     <li> <tt>s6-linux-init-runleveld</tt>: a service that listens
to runlevel change commands such as <tt>telinit</tt> and calls the
<em>runlevel</em> script in a reproducible environment to bring the
machine to the wanted state. </li>
     <li> (If the <tt>-L</tt> option has been given to
<tt>s6-linux-init-maker</tt>) <tt>s6-linux-init-logouthookd</tt>:
the "clean up user utmp records at logout time" service. See the
<a href="s6-linux-init-logouthookd.html">s6-linux-init-logouthookd</a>
page for details. </li>
     <li> (If the <tt>-G</tt> option has been given to
<tt>s6-linux-init-maker</tt>) <tt>s6-linux-init-early-getty</tt>:
the early getty service, that will allow a user to log in even if
<em>rc.init</em> fails to bring the machine to a state where logins
are possible. </li>
    </ul> </li>
  </ul> </li>
</ul>

<p>
 If s6-linux-init has been built with
<a href="//skarnet.org/software/utmps/">utmps</a> support, some more
directories may exist:
</p>

<ul>
 <li> A directory somewhere under <tt>run-image</tt>, by default <tt>utmps</tt>,
that is the location where the utmp and wtmp files will be created. </li>
 <li> Two additional early services named <tt>utmpd</tt> and <tt>wtmpd</tt>,
that are the <a href="//skarnet.org/software/utmps/">utmps</a> way of
providing secure utmp functionality. </li>
</ul>

<h2> Notes </h2>

<p>
 A directory created by <tt>s6-linux-init-maker</tt> is only valid on
the machine it has been created on. Pre-creating init directories for
other machines is not supported.
</p>

<p>
 After booting, <em>basedir</em> should remain untouched during the
lifetime of the machine, because the machine state change and shutdown
procedures will look for data in <em>basedir</em>. New invocations of
<tt>s6-linux-init-maker</tt> should use a different <em>basedir</em>.
</p>

<p>
 The difficult parts of
<a href="//skarnet.org/software/s6/s6-svscan-1.html">running
s6-svscan as process 1</a> are:
</p>

<ul>
 <li> The fact that the supervision tree requires writable directories,
so in order to accommodate read-only root filesystems, there needs to
be a tmpfs mounted before s6-svscan is run. </li>
 <li> The catch-22 coming from the need to redirect the supervision
tree's output away from <tt>/dev/console</tt> (which is fine for a
first process invocation but impractical for log management of a
whole process tree) and into a logger that is itself managed by the
supervision tree it's reading data from. </li>
 <li> Keeping appearances of compatibility with another init system
is difficult: in particular, the mechanisms around the shutdown
procedure are fundamentally different from about any other init
system, so even a simple command such as <tt>reboot</tt> needs an
ad-hoc implementation. </li>
</ul>

<p>
 The main benefit of <tt>s6-linux-init-maker</tt> is that it offers
transparent compatibility while automating the tricky technical part.
That means that <tt>s6-linux-init-maker</tt> has been designed for
<em>real hardware</em>, or at least full-fledged Linux systems,
where the above issues apply. If you are building an init system for a
container, or anything similar that does not
have the <tt>/dev/console</tt> issue, the read-only rootfs issue,
or the need for sysvinit compatibility,
you will probably not reap much benefit from using <tt>s6-linux-init-maker</tt>:
you could probably invoke
<a href="//skarnet.org/software/s6/s6-svscan.html">s6-svscan</a>
directly as your process 1, or build a script by hand, which
would result in a simpler init with less dependencies.
</p>

</body>
</html>
